Information Security Analyst

SMS Plc.

United Kingdom

Hybrid

GBP 40,000 - 70,000

Full time

5 days ago

Job summary

An established industry player is seeking an Information Security Analyst to enhance its IT & Information Security function. This role involves managing the Information Security Management System, ensuring compliance with ISO27001 and Cyber Essentials Plus, and conducting risk assessments. You will collaborate with various stakeholders to improve security practices and support audits. The position offers hybrid working options and a supportive environment for professional development. If you're passionate about making a difference in energy sustainability and security, this opportunity is for you.

Benefits

25 personal holiday days per year
Hybrid working options
Enhanced Maternity and Paternity leave
Employee Ownership Scheme
24/7 employee assistance service
Medicash health plan
Life Insurance
Pension matching scheme
Development support for employees

Qualifications

  • Experience with ISO27001 implementation and auditing.
  • Strong analytical skills and attention to detail.

Responsibilities

  • Manage the Information Security Management System and write policies.
  • Conduct internal assessments against ISO 27001 standards.
  • Generate reports across Information Security areas.

Skills

Information Security Management
ISO27001 Implementation
Cyber Essentials Plus
GDPR Compliance
Risk Assessment
Analytical Skills
Problem-Solving

Education

Degree in Information Technology
ISO27001 Lead Auditor Certification
Certified Information Systems Auditor (CISA)

Job description

Why choose us?

Choosing to work for SMS means choosing to make a difference. We are changing how businesses and consumers use energy for the better, helping achieve a greener, sustainable, and more affordable energy system for everyone. Through our range of innovative energy solutions, we are delivering the future of smart energy – working closely with private and public sector partners we are playing a critical role in transforming and decarbonising the UK economy by 2050.

What's in it for you?

  • 25 personal holiday days per year (with additional 8 public holidays) increasing to 30 personal days after 5 years of service (includes options to buy and sell)
  • Hybrid working options.
  • Enhanced Maternity leave. Paternity and Adoption leave.
  • Automatic enrolment into our Employee Ownership Scheme.
  • 24/7 free and confidential employee assistance service.
  • Medicash health plan offering a wide variety of benefits, from cashback on everyday healthcare treatments such as optical, dental and physio to discounted gym memberships and a free 24/7 online GP.
  • Life Insurance (4 x annual salary)
  • Pension matching scheme (up to 5% of salary)
  • Developing our people is important to us - we support and encourage development by offering internal and external accredited courses, secondments and study support.

What's the role?

The Information Security Analyst works as part of a wider Information Security team, handling the day-to-day administration of internal infosec, the ISMS and audits, including implementation of and adherence to Information Security standards including ISO27001, Cyber Essentials Plus and NIST CSF. The role also covers compliance with GDPR regulations and reporting on the implementation of technical controls as needed.

You will support responding to customer and supplier audits, tracking the results, and ensuring any remedial actions are carried out as well as generating management information for various steering level groups. Furthermore, you will be involved in other consulting works as part of the wider InfoSec and IT teams.

The role will report to the Head of Information Security, and its scope will cover the SMS PLC group and its subsidiaries to carry out the key responsibilities specified below. Building relationships with internal and external stakeholders is key in delivering against the key metrics within the information security team. The role may involve travel to sites across the UK to perform onsite security audits facilitating both internal and external parties.

In summary, the role is about collaborating with others to enhance the maturity of the organisation's IT & Information Security function, enabling the business to operate securely and efficiently without compromising productivity.

This role is offered on a 40 hour contract. The working hours are 8:30 to 5pm, Monday to Friday.

Key Responsibilities:

  • Managing the Information Security Management System, including writing policies, standards or procedures.
  • Driving maturity against information security standards including ISO27001 and NIST Cyber Security Framework (CSF).
  • Maintaining the IT Risk Register by carrying out regular risk assessments across the group.
  • Supply guidance to Business stakeholders around Information Security/GDPR/Data privacy concerns.
  • Conducting Internal Assessments against ISO 27001 (UK site travel may be needed).
  • Assisting with External Audit Request Process.
  • Report Generation across Information Security areas of responsibility.
  • Data Governance response tasks and data cleansing.
  • Third-party supplier management, RFCs, due diligence.

To be considered for this role, we would love you to have/be:

  • A Certified Information Systems Auditor (CISA or equivalent).
  • A degree in Information Technology/Computer Information Systems (or equivalent).
  • ISO27001 Lead Auditor/Implementer Certification.
  • Experience of ISO27001 implementation and auditing.
  • Experience of Cyber Essentials Plus.
  • Demonstrable experience within an information security role, with extensive experience of information security processes and regulations.
  • The ability to work under pressure in a fast-paced and developing environment.
  • Strong attention to detail with an analytical mind and excellent problem-solving skills.
